Browse Source

- Added better error messages to login/register ajax response.

- Added new AES stream helper to encrypt/decrypt a stream as it's being processed.
tags/3.0.0
Teknikode 2 years ago
parent
commit
86e79b98ca

+ 58
- 55
ServerMaint/Program.cs View File

@@ -161,69 +161,72 @@ namespace ServerMaint
string filePath = Path.Combine(config.UploadConfig.UploadDirectory, subDir, upload.FileName);
if (File.Exists(filePath))
{
// Read in the file
byte[] data = File.ReadAllBytes(filePath);
// If the IV is set, and Key is set, then decrypt it
// If the IV is set, and Key is set, then scan it
if (!string.IsNullOrEmpty(upload.Key) && !string.IsNullOrEmpty(upload.IV))
{
// Decrypt the data
data = AES.Decrypt(data, upload.Key, upload.IV);
}

// We have the data, let's scan it
ClamScanResult scanResult = clam.SendAndScanFile(data);
byte[] keyBytes = Encoding.UTF8.GetBytes(upload.Key);
byte[] ivBytes = Encoding.UTF8.GetBytes(upload.IV);
FileStream fs = new FileStream(filePath, FileMode.Open, FileAccess.Read);
AESCryptoStream aesStream = new AESCryptoStream(fs, false, keyBytes, ivBytes, "CTR", "NoPadding");

switch (scanResult.Result)
{
case ClamScanResults.Clean:
string cleanMsg = string.Format("[{0}] Clean Scan: {1}/{2} Scanned | {3} - {4}", DateTime.Now, currentCount, totalCount, upload.Url, upload.FileName);
Output(cleanMsg);
break;
case ClamScanResults.VirusDetected:
lock (scanStatsLock)
{
totalViruses++;
}
string msg = string.Format("[{0}] Virus Detected: {1} - {2} - {3}", DateTime.Now, upload.Url, upload.FileName, scanResult.InfectedFiles.First().VirusName);
File.AppendAllLines(virusFile, new List<string> { msg });
Output(msg);
// We have the data, let's scan it
ClamScanResult scanResult = clam.SendAndScanFile(aesStream);

lock (dbLock)
{
string urlName = upload.Url;
// Delete from the DB
db.Uploads.Remove(upload);
// Close file stream
fs.Close();

// Delete the File
if (File.Exists(filePath))
switch (scanResult.Result)
{
case ClamScanResults.Clean:
string cleanMsg = string.Format("[{0}] Clean Scan: {1}/{2} Scanned | {3} - {4}", DateTime.Now, currentCount, totalCount, upload.Url, upload.FileName);
Output(cleanMsg);
break;
case ClamScanResults.VirusDetected:
string msg = string.Format("[{0}] Virus Detected: {1} - {2} - {3}", DateTime.Now, upload.Url, upload.FileName, scanResult.InfectedFiles.First().VirusName);
Output(msg);
lock (scanStatsLock)
{
File.Delete(filePath);
totalViruses++;
File.AppendAllLines(virusFile, new List<string> { msg });
}

// Add to transparency report if any were found
Takedown report = db.Takedowns.Create();
report.Requester = TAKEDOWN_REPORTER;
report.RequesterContact = config.SupportEmail;
report.DateRequested = DateTime.Now;
report.Reason = "Malware Found";
report.ActionTaken = string.Format("Upload removed: {0}", urlName);
report.DateActionTaken = DateTime.Now;
db.Takedowns.Add(report);

// Save Changes
db.SaveChanges();
}
break;
case ClamScanResults.Error:
string errorMsg = string.Format("[{0}] Scan Error: {1}", DateTime.Now, scanResult.RawResult);
File.AppendAllLines(errorFile, new List<string> { errorMsg });
Output(errorMsg);
break;
case ClamScanResults.Unknown:
string unkMsg = string.Format("[{0}] Unknown Scan Result: {1}", DateTime.Now, scanResult.RawResult);
File.AppendAllLines(errorFile, new List<string> { unkMsg });
Output(unkMsg);
break;
lock (dbLock)
{
string urlName = upload.Url;
// Delete from the DB
db.Uploads.Remove(upload);

// Delete the File
if (File.Exists(filePath))
{
File.Delete(filePath);
}

// Add to transparency report if any were found
Takedown report = db.Takedowns.Create();
report.Requester = TAKEDOWN_REPORTER;
report.RequesterContact = config.SupportEmail;
report.DateRequested = DateTime.Now;
report.Reason = "Malware Found";
report.ActionTaken = string.Format("Upload removed: {0}", urlName);
report.DateActionTaken = DateTime.Now;
db.Takedowns.Add(report);

// Save Changes
db.SaveChanges();
}
break;
case ClamScanResults.Error:
string errorMsg = string.Format("[{0}] Scan Error: {1}", DateTime.Now, scanResult.RawResult);
File.AppendAllLines(errorFile, new List<string> { errorMsg });
Output(errorMsg);
break;
case ClamScanResults.Unknown:
string unkMsg = string.Format("[{0}] Unknown Scan Result: {1}", DateTime.Now, scanResult.RawResult);
File.AppendAllLines(errorFile, new List<string> { unkMsg });
Output(unkMsg);
break;
}
}
}
}

+ 1
- 1
Teknik/Areas/Upload/Controllers/UploadController.cs View File

@@ -196,7 +196,7 @@ namespace Teknik.Areas.Upload.Controllers

return new FileGenerateResult(upload.Url,
contentType,
(response) => ResponseHelper.DecryptStreamToOutput(response, true, fs, (int)upload.ContentLength, keyBytes, ivBytes, "CTR", "NoPadding", Config.UploadConfig.ChunkSize),
(response) => ResponseHelper.StreamToOutput(response, true, new AESCryptoStream(fs, false, keyBytes, ivBytes, "CTR", "NoPadding"), (int)upload.ContentLength, Config.UploadConfig.ChunkSize),
false);
}
else // Otherwise just send it

+ 16
- 2
Teknik/Scripts/Common.js View File

@@ -27,8 +27,15 @@
window.location = html.result;
}
else {
var errMsg = html;
if (html.error) {
errMsg = html.error;
if (html.error.message) {
errMsg = html.error.message;
}
}
$("#loginStatus").css('display', 'inline', 'important');
$("#loginStatus").html('<div class="alert alert-danger alert-dismissable"><button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>' + html.error + '</div>');
$("#loginStatus").html('<div class="alert alert-danger alert-dismissable"><button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>' + errMsg + '</div>');
}
}
});
@@ -58,8 +65,15 @@
window.location.reload();
}
else {
var errMsg = html;
if (html.error) {
errMsg = html.error;
if (html.error.message) {
errMsg = html.error.message;
}
}
$("#registerStatus").css('display', 'inline', 'important');
$("#registerStatus").html('<div class="alert alert-danger alert-dismissable"><button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>' + html.error + '</div>');
$("#registerStatus").html('<div class="alert alert-danger alert-dismissable"><button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>' + errMsg + '</div>');
}
}
});

+ 150
- 0
Utilities/Utilities/StreamHelper.cs View File

@@ -0,0 +1,150 @@
using Org.BouncyCastle.Crypto;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace Teknik.Utilities
{
public class AESCryptoStream : Stream
{
private Stream _Inner;
private IBufferedCipher _Cipher;

public AESCryptoStream(Stream stream, bool encrypt, byte[] key, byte[] iv, string mode, string padding)
{
_Inner = stream;
_Cipher = AES.CreateCipher(encrypt, key, iv, mode, padding);
}

public override int Read(byte[] buffer, int offset, int count)
{
if (_Inner != null && CanRead)
{
int bytesRead = 0;

// Process the cipher
int processed = AES.ProcessCipherBlock(_Cipher, _Inner, count, buffer, offset, out bytesRead);

if (processed < bytesRead)
{
// Finalize the cipher
processed += AES.FinalizeCipherBlock(_Cipher, buffer, processed + offset);
}

return bytesRead;
}
return -1;
}

public override void Write(byte[] buffer, int offset, int count)
{
if (_Inner != null && CanWrite)
{
// Process the cipher
byte[] output = new byte[count];
int processed = _Cipher.ProcessBytes(buffer, offset, count, output, 0);

// Finalize the cipher
AES.FinalizeCipherBlock(_Cipher, output, processed);
_Inner.Write(output, 0, count);
}
}

public override bool CanRead
{
get
{
if (_Inner != null)
{
return _Inner.CanRead;
}
return false;
}
}

public override bool CanSeek
{
get
{
if (_Inner != null)
{
return _Inner.CanSeek;
}
return false;
}
}

public override bool CanWrite
{
get
{
if (_Inner != null)
{
return _Inner.CanWrite;
}
return false;
}
}

public override long Length
{
get
{
if (_Inner != null)
{
return _Inner.Length;
}
return -1;
}
}

public override long Position
{
get
{
if (_Inner != null)
{
return _Inner.Position;
}
return -1;
}

set
{
if (_Inner != null)
{
_Inner.Position = value;
}
}
}

public override void Flush()
{
if (_Inner != null)
{
_Inner.Flush();
}
}

public override long Seek(long offset, SeekOrigin origin)
{
if (_Inner != null)
{
return _Inner.Seek(offset, origin);
}
return -1;
}

public override void SetLength(long value)
{
if (_Inner != null)
{
_Inner.SetLength(value);
}
}
}
}

+ 1
- 0
Utilities/Utilities/Utilities.csproj View File

@@ -126,6 +126,7 @@
<Compile Include="RequestHelper.cs" />
<Compile Include="ResponseHelper.cs" />
<Compile Include="RSSFeedResult.cs" />
<Compile Include="StreamHelper.cs" />
<Compile Include="StringExtensions.cs" />
<Compile Include="StringHelper.cs" />
<Compile Include="UrlExtensions.cs" />

Loading…
Cancel
Save